Tofinosecurity.com uses cookies for analytics and functionality purposes.
To change your cookie settings or find out more, click here.
If you continue browsing our website or close this banner, you accept these cookies.

Search form

menu-bar

OPC (includes RPC and DCOM)

Description

Formerly known as OLE for Process Control, OPC Classic was developed in 1996 in response to a demand for standard methods to allow different control systems to interface with each other. Today it has grown to be the world’s leading technology for integrating different automation products. No single industrial communications standard has achieved the widespread acceptance across so many different verticals,industries and equipment manufacturers as OPC Classic. It is used to interconnect an amazing variety of industrial and business systems, ranging from Human Machine Interface (HMI) workstations, Safety Instrumented Systems (SIS) and Distributed Control Systems (DCS) on the plant floor, to enterprise databases, ERP systems and other business-oriented software in the corporate world.

OPC Security Summary

OPC Classic, based on Microsoft COM/DCOM technology and the RPC (Remote Procedure Call) protocol, is widely used in control systems as an interoperability solution, interfacing control applications from multiple vendors. But the DCOM technologies underlying OPC Classic were designed before network security issues were widely understood. As a result, OPC Classic is almost impossible to secure using a conventional IT firewall and requires specific techniques and processes to secure effectively.

Known Security Issues and Vulnerabilities

Tofino Security Products for Improving Security

A Loadable Security Module that inspects, tracks and secures every connection that is created by an OPC application. It dynamically opens only the TCP ports that are required for each connection, and only between the specific OPC client and server that created the connection. It’s simple to use – no configuration changes are required on the OPC clients and servers.